Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/NUWfScDSH56OaOCaPfBblPu0Ydg.roa
File: NUWfScDSH56OaOCaPfBblPu0Ydg.roa (raw, json)
Hash identifier: a4F0KmJ+v3pAeFAh9qDTsIqvwa1PoPI9PowXceZRGfg=
Subject key identifier: 35:45:9F:49:C0:D2:1F:9E:8E:68:E0:9A:3D:F0:5B:94:FB:B4:61:D8
Certificate issuer: /CN=99dd6f08822ae0ba5054542456923faf9040f5d0
Certificate serial: 01942067CF9712F5DEA3C75F35F78D0ECD22
Authority key identifier: 99:DD:6F:08:82:2A:E0:BA:50:54:54:24:56:92:3F:AF:90:40:F5:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/md1vCIIq4LpQVFQkVpI_r5BA9dA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/NUWfScDSH56OaOCaPfBblPu0Ydg.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59752
IP address blocks: 193.109.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cf:97:12:f5:de:a3:c7:5f:35:f7:8d:0e:cd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dd6f08822ae0ba5054542456923faf9040f5d0
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35459f49c0d21f9e8e68e09a3df05b94fbb461d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:a9:05:f6:c7:d6:a5:ef:b9:c7:b6:d2:c8:
cb:62:c1:03:d4:f1:ba:54:de:01:83:6b:e6:b0:3c:
37:9f:25:7b:c9:c4:eb:fc:ee:a4:a8:17:49:db:50:
96:07:4d:d4:2d:ae:43:7c:e3:5b:ad:75:ba:2b:c5:
de:5e:ab:63:f7:07:86:cd:44:98:a3:8e:af:5a:1a:
a9:ab:ad:87:9d:ac:b7:d3:ac:96:ab:d2:79:c9:2c:
31:74:6c:eb:1c:d0:db:bb:ab:5f:9d:0b:63:d6:c5:
37:84:63:81:8d:e5:06:a0:40:64:ff:96:d0:61:b7:
90:27:2c:ff:1c:6f:e3:b7:28:c4:67:ba:d9:09:4a:
9f:fb:14:76:a3:30:e2:58:90:ae:8c:24:e5:fb:b0:
23:83:13:4d:1b:93:49:19:cc:0c:5c:04:ce:f1:8a:
6a:2a:ec:87:0a:0e:45:43:84:46:91:c8:7d:e3:31:
3d:a7:73:43:fa:d4:99:53:68:3c:30:8a:3b:58:c5:
c4:a4:da:57:9f:48:15:71:0a:46:ad:1e:98:a7:30:
59:8b:0c:c6:93:99:6b:e8:ec:d1:dd:d2:cd:68:54:
3b:4f:39:bb:9c:ed:68:a6:f3:a8:97:af:52:21:99:
00:45:e8:a9:b1:12:b5:01:f7:1b:c7:0b:16:ad:08:
ee:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:45:9F:49:C0:D2:1F:9E:8E:68:E0:9A:3D:F0:5B:94:FB:B4:61:D8
X509v3 Authority Key Identifier:
keyid:99:DD:6F:08:82:2A:E0:BA:50:54:54:24:56:92:3F:AF:90:40:F5:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/md1vCIIq4LpQVFQkVpI_r5BA9dA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/NUWfScDSH56OaOCaPfBblPu0Ydg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/md1vCIIq4LpQVFQkVpI_r5BA9dA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.237.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:83:64:ce:f4:80:e2:c8:6f:3c:97:38:fd:05:6a:64:ec:fe:
23:9d:98:fe:49:a7:d8:75:b4:16:12:9e:42:e0:94:8f:25:f5:
0c:b4:7d:23:59:72:e4:38:cc:91:d1:9d:d2:11:28:d4:17:78:
d5:28:a6:4b:f5:30:cc:5f:fb:3c:b3:bc:b2:bc:fd:94:63:90:
e0:73:9c:a2:d8:6c:fc:fb:2a:0b:b8:18:8d:3d:96:4f:21:8a:
e3:f0:7a:5a:10:0e:96:9d:0f:80:ea:40:a0:85:45:87:fd:96:
ff:d6:08:1c:b3:51:88:7b:84:66:13:04:a5:4e:8e:1a:e2:2c:
fa:70:d7:bd:af:ca:4d:1d:02:22:f0:25:6d:21:3e:8a:2f:b3:
6a:e7:50:72:d5:a1:6f:39:b2:aa:c1:48:e2:36:26:b4:81:d6:
d3:b4:62:66:c3:6f:f8:aa:0c:80:fb:f8:67:73:e6:26:c6:7c:
0b:8e:d4:8f:34:a0:c0:0f:79:fd:ef:f7:9a:35:ca:98:83:ef:
d8:e7:31:04:22:ff:af:1b:2c:1f:65:07:b3:67:4d:79:5b:87:
1f:dc:c8:10:1e:b9:e7:44:14:4b:2f:8c:df:7c:76:ad:a4:83:
a9:14:83:08:f7:a8:de:d7:f3:50:b6:be:e9:61:e4:cb:1e:cd:
f4:70:b0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8+XEvXeo8dfNfeNDs0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGQ2ZjA4ODIyYWUwYmE1MDU0NTQyNDU2OTIzZmFmOTA0
MGY1ZDAwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ1OWY0OWMwZDIxZjllOGU2OGUwOWEzZGYwNWI5NGZiYjQ2MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlGpBfbH1qXvuce20sjLYsED1PG6
VN4Bg2vmsDw3nyV7ycTr/O6kqBdJ21CWB03ULa5DfONbrXW6K8XeXqtj9weGzUSY
o46vWhqpq62Hnay306yWq9J5ySwxdGzrHNDbu6tfnQtj1sU3hGOBjeUGoEBk/5bQ
YbeQJyz/HG/jtyjEZ7rZCUqf+xR2ozDiWJCujCTl+7AjgxNNG5NJGcwMXATO8Ypq
KuyHCg5FQ4RGkch94zE9p3ND+tSZU2g8MIo7WMXEpNpXn0gVcQpGrR6YpzBZiwzG
k5lr6OzR3dLNaFQ7Tzm7nO1opvOol69SIZkAReipsRK1AfcbxwsWrQju0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVFn0nA0h+ejmjgmj3wW5T7tGHYMB8GA1UdIwQY
MBaAFJndbwiCKuC6UFRUJFaSP6+QQPXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWQxdkNJSXE0THBRVkZRa1ZwSV9yNUJBOWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9jZWMyYTktMzAxMy00MmI0LTk0ODMt
YTcyYzQwNGYyNmZkLzEvTlVXZlNjRFNINTZPYU9DYVBmQmJsUHUwWWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9jZWMyYTktMzAxMy00MmI0LTk0ODMtYTcyYzQwNGYyNmZk
LzEvbWQxdkNJSXE0THBRVkZRa1ZwSV9yNUJBOWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW3tMA0G
CSqGSIb3DQEBCwUAA4IBAQA/g2TO9IDiyG88lzj9BWpk7P4jnZj+SafYdbQWEp5C
4JSPJfUMtH0jWXLkOMyR0Z3SESjUF3jVKKZL9TDMX/s8s7yyvP2UY5Dgc5yi2Gz8
+yoLuBiNPZZPIYrj8HpaEA6WnQ+A6kCghUWH/Zb/1ggcs1GIe4RmEwSlTo4a4iz6
cNe9r8pNHQIi8CVtIT6KL7Nq51By1aFvObKqwUjiNia0gdbTtGJmw2/4qgyA+/hn
c+YmxnwLjtSPNKDAD3n97/eaNcqYg+/Y5zEEIv+vGywfZQezZ015W4cf3MgQHrnn
RBRLL4zffHatpIOpFIMI96je1/NQtr7pYeTLHs30cLDE
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:36:59 2025 by rpki-client